Commit graph

1396 commits

Author SHA1 Message Date
Alex Auvolat
70622d02f8
[test-presigned] Use a HeaderMap type for QueryMap 2024-03-04 14:29:14 +01:00
asonix
578bc8d703
Store original-cased query keys alongside query values 2024-03-04 14:29:14 +01:00
asonix
6ab80cd36a
Lowercase query parameter keys when parsing 2024-03-04 14:29:14 +01:00
Alex
e285994977 Merge pull request 'Bump version to v0.8.6' (#746) from rel-0.8.6 into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/746
2024-03-01 14:07:00 +00:00
Alex Auvolat
d94b086db3
[rel-0.8.6] Bump version to v0.8.6 2024-03-01 13:57:24 +01:00
Alex
34086531a8 Merge pull request 'Backport AWS signature verification refactoring and fixes to v0.8.x' (#744) from backport-735-v0.8.x into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/744
2024-03-01 12:49:43 +00:00
Alex Auvolat
430d0be48c
[backport-735-v0.8.x] backport changes to custom_requester.rs 2024-03-01 13:21:23 +01:00
Alex Auvolat
610af71e36
[backport-735-v0.8.x] backport AWS signature verification refactoring 2024-03-01 13:21:23 +01:00
Alex
f01883794e Merge pull request 'Security: backport #737 to the v0.8.x branch' (#740) from backport-737-0.8.x into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/740
2024-03-01 11:16:41 +00:00
Alex Auvolat
70899b0e37
[fix-auth-ct-eq] use consant time comparison for awsv4 signature verification 2024-02-29 18:13:41 +01:00
Alex Auvolat
c00a028cc8
[fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token checking 2024-02-29 18:13:37 +01:00
Alex
9b44639844 Merge pull request 'Backport woodpecker CI to v0.8.x branch' (#741) from woodpecker-0.8.x into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/741
2024-02-29 17:13:15 +00:00
Alex Auvolat
a6660f71e6
[woodpecker-0.8.x] backport woodpecker CI to v0.8.x branch 2024-02-29 17:19:46 +01:00
Alex
083e982f5f Merge pull request 'Garage v0.8.5' (#687) from rel-0.8.5 into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/687
2024-01-16 10:30:54 +00:00
Alex Auvolat
50643e61bf
Bump version to 0.8.5 2024-01-16 10:47:33 +01:00
Alex
a6421ee5a5 Merge pull request 'monitoring: finer histogram boundaries in prometheus metrics (fix #531)' (#686) from fix-531 into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/686
2024-01-15 16:44:58 +00:00
Alex
993ce74976 Merge pull request '0.8.x: config: refactor secret sourcing' (#685) from secret-sourcing into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/685
2024-01-15 16:41:50 +00:00
Alex Auvolat
f512609123
monitoring: finer histogram boundaries in prometheus metrics (fix #531) 2024-01-15 17:33:35 +01:00
Alex Auvolat
97bae7213a
config: additional tests for secret sourcing 2024-01-15 17:30:30 +01:00
Alex Auvolat
7228695ee2
config: refactor secret sourcing 2024-01-15 17:18:46 +01:00
Alex
ee7fe27d3d Merge pull request 'Add allow_world_readable_secrets option to config file' (#663) from PicNoir/garage:nin/world-readable-conf-file into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/663
2024-01-15 15:20:16 +00:00
Félix Baylac Jacqué
f83fa02193 Add allow_world_readable_secrets option to config file
Sometimes, the secret files permissions checks gets in the way. It's
by no mean complete, it doesn't take the Posix ACLs into account among
other things. Correctly checking the ACLs would be too involving (see
https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658#issuecomment-7102)
and would likely still fail in some weird chmod settings.

We're adding a new configuration file key allowing the user to disable
this permission check altogether.

The (already existing) env variable counterpart always take precedence
to this config file option. That's useful in cases where the
configuration file is static and cannot be easily altered.

Fixes https://git.deuxfleurs.fr/Deuxfleurs/garage/issues/658

Co-authored-by: Florian Klink <flokli@flokli.de>
2023-10-26 18:25:13 +02:00
Alex
4b3dee2ca3 Merge pull request 's3 api: add missing CORS headers to PostObject responses (fix #609)' (#656) from fix-cors-post-object into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/656
2023-10-26 09:17:14 +00:00
Alex Auvolat
ac04934dae s3 api: add missing CORS headers to PostObject responses (fix #609) 2023-10-20 10:37:48 +02:00
Alex
0215b11402 Merge pull request 'Add support for specifying rpc_secret_file, metrics_token_file and admin_token_file using environment variables' (#643) from networkException/garage:token-file-env into main-0.8.x
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/643
2023-10-19 09:33:12 +00:00
networkException
8599051c49
garage: support specifying token / secret as environment variables
this patch adds support for specifying the `rpc_secret_file`,
`metrics_token_file` and `admin_token_file` as environment variables.
2023-10-19 03:39:02 +02:00
networkException
4a19ee94bb
garage: fix admin-token description 2023-10-19 03:31:50 +02:00
networkException
c99cb58d71
util: move reading secret file into seperate helper
this patch moves the logic to read a secret file (and check for correct
permissions) from `secret_from_file` into a new `read_secret_file`
helper.
2023-10-19 03:29:48 +02:00
networkException
5feb6a1f64
docs: add documentation for specifying token / secret file as environment variables 2023-10-19 03:28:44 +02:00
Alex
e75fe2157d Merge pull request 'Move convert_db command into main garage binary' (#645) from convert-db-main-binary into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/645
2023-10-10 11:42:14 +00:00
Alex Auvolat
2d5d7a7031 Move convert_db command into main garage binary 2023-10-10 12:13:15 +02:00
Alex
1243db87f2 Merge pull request 'Add support for binding to unix domain sockets' (#640) from networkException/garage:unix-sockets into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/640
2023-10-03 16:23:02 +00:00
networkException
6f8a87814b
doc: add documentation for specifying unix socket paths 2023-10-03 17:56:34 +02:00
networkException
7907a09acc
api: allow custom unix bind mode and use 0o220 for admin server 2023-10-03 17:31:40 +02:00
Alex
16aa418e47 Merge pull request 'doc: update endpoint_url documentation' (#641) from flokli/garage:aws-endpoint-url into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/641
2023-10-02 14:30:53 +00:00
Florian Klink
cb359b4434 doc: update endpoint_url documentation
Since `awscli` `>=1.29.0` or `>=2.13.0` it is now possible to use the
`AWS_ENDPOINT_URL` environment variable, or the `endpoint_url` config
key to override the endpoint URL. This means, the aws bash function to
wrap with --endpoint-url is not necessary anymore. Update invocations to
reflect that.

https://docs.aws.amazon.com/sdkref/latest/guide/feature-ss-endpoints.html
https://github.com/aws/aws-cli/issues/4454#issuecomment-1626116607
2023-10-02 17:16:11 +03:00
networkException
8ec6a53b35
everywhere: support unix sockets when binding in various places
this patch implements binding to paths as a unix socket for generic
server and web server.
2023-09-29 18:57:44 +02:00
networkException
7353038a64
config: allow using paths for unix domain sockets in various places
this patch updates the config format to also allow paths in bind
addresses for unix domain sockets.

this has been added to all apis except rpc.
2023-09-29 18:38:30 +02:00
networkException
10195f1567
util: add helper sum type for unix and tcp socket addresses
this patch introduces a new sum type that can represent either a
tcp socket address or a unix domain socket path.
2023-09-29 18:37:36 +02:00
networkException
6086a3fa07
cargo: add hyperlocal as a dependency 2023-09-29 18:37:12 +02:00
Alex
3a0e074047 Merge pull request 'prez-ocp' (#636) from prez-ocp into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/636
2023-09-21 08:15:10 +00:00
Alex Auvolat
95ae09917b add ocp2023 presentation 2023-09-19 14:02:07 +02:00
Alex Auvolat
a7ababb5db doc: update sticker 2023-09-18 16:40:06 +02:00
Alex
be1a16b42b Merge pull request 'Fix multiple shutdown issues' (#633) from fix-shutdown into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/633
2023-09-12 12:54:50 +00:00
Alex Auvolat
91e764a2bf fix hang on shutdown 2023-09-12 14:35:48 +02:00
Alex Auvolat
aa79810596 Fix error when none of S3/K2V/WEB/ADMIN server is started (fix #613) 2023-09-12 14:35:19 +02:00
Alex
143a349f55 Merge pull request 'fix 32-bit build' (#632) from fix-32bit into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/632
2023-09-11 21:08:26 +00:00
Alex Auvolat
9cfe55ab60 fix 32-bit build 2023-09-11 20:01:29 +02:00
Alex
2548a247f2 Merge pull request 'use statvfs instead of mount list to determine free data/meta space (fix #611)' (#631) from fix-free-space into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/631
2023-09-11 17:29:23 +00:00
Alex Auvolat
d5bb50d738 use statvfs instead of mount list to determine free data/meta space (fix #611) 2023-09-11 19:08:24 +02:00